一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

All sysmon event types and their fields explained

pyspark🍒🥭 is delicious，just eat it!😋😋

Python渗透漏洞工具

DNSLog 是一款监控 DNS 解析记录和 HTTP 访问记录的工具。

The official Python library for Shodan

OneForAll是一款功能强大的子域收集工具

红队基础设施自动化部署工具

[archived] 一款实验性质的主机入侵检测系统

攻击日志分析工具

An open source analysis web log tool

An extensible and concurrency pentest framework in Go, also with WebGUI. Feel free to CONTRIBUTE!

Loki - Simple IOC and YARA Scanner

All Algorithms implemented in Python

Repo for FUZE project. I will also publish some Linux kernel LPE exploits for various real world kernel vulnerabilities here. the samples are uploaded for education purposes for red and blue teams.

Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.

测评工具

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetN…

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

根据关键字与 hosts 生成的关键词，利用 github 提供的 api，监控 git 泄漏。

Interactive Network Scanner

dns tunnel dectect with CNN

Exploit management framework

A curated list of tools for incident response

Gitbook

Exchange your privileges for Domain Admin privs by abusing Exchange

CVE-2018-8581 | Microsoft Exchange Server Elevation of Privilege Vulnerability

wtfpython的中文翻译/持续🚧.../ 能力有限，欢迎帮我改进翻译